LinuxCommandLibrary

sbuild

Build Debian packages in a clean environment

TLDR

Build the package in the current directory

$ sbuild
copy

Build the given package
$ sbuild [package]
copy

Build for a certain distribution
$ sbuild --dist [distribution]
copy

Build using custom dependencies (if a directory is passed, all files ending with .deb are used)
$ sbuild --extra-package [path/to/file_or_directory]
copy

Run a shell in case of build failure to further investigate
$ sbuild --build-failed-commands=%SBUILD_SHELL
copy

Cross build for a certain architecture
$ sbuild --host [architecture]
copy

Build for the given native architecture
$ sbuild --arch [architecture]
copy

SYNOPSIS

sbuild [OPTIONS] <source-package | .dsc file | .changes file>

PARAMETERS

-c, --chroot=CHROOT
    Specify the schroot chroot name or path to use for building.

-d, --dist=DISTRIBUTION
    Specify the distribution (e.g., 'sid', 'bookworm') to build for.

-A, --arch=ARCHITECTURE
    Specify the architecture (e.g., 'amd64', 'arm64') for the build.

-h, --host=HOST_ARCHITECTURE
    Specify the host architecture for cross-compilation builds.

-s, --source
    Only build the source package (.dsc, .orig.tar.{gz|xz|bz2}, .debian.tar.{gz|xz|bz2}).

-b, --build
    Only build the binary packages (.deb files).

--clean-chroot
    Clean the chroot (e.g., revert to snapshot) after the build (default).

--no-clean-chroot
    Do not clean the chroot after the build, useful for debugging.

--run-command=COMMAND
    Run an arbitrary command inside the chroot before the build.

--extra-dep=PACKAGE
    Add an extra build dependency to be installed in the chroot before building.

--force-orig-source
    Force the use of the original tarball even if a newer version is present.

--no-run-lintian
    Do not run lintian on the built packages.

-v, --verbose
    Enable verbose output during the build process.

-D, --debug
    Enable debug output.

DESCRIPTION

sbuild is a powerful command-line tool used for securely and reproducibly building Debian packages within an isolated environment, typically a chroot or container. It acts as a wrapper around package building utilities like dpkg-buildpackage or debuild, but crucially manages the build environment itself.

By performing builds in a clean, isolated chroot, sbuild ensures that all declared build dependencies are met and that no extraneous files from the host system interfere with the build. This practice is vital for achieving reproducible builds, enhancing security, and verifying that packages only rely on their specified dependencies. It commonly integrates with schroot to manage the chroot environments, providing a robust framework for official Debian package builds and local development.

CAVEATS

Using sbuild requires pre-configured schroot environments (chroots). Setting up these chroots, including user mapping and package repositories, can be non-trivial and often involves tools like debootstrap and careful schroot configuration. Network access within the chroot is typically required for fetching build dependencies. Proper user permissions and groups must be set up for sbuild to function correctly.

CONFIGURATION FILES

sbuild can be configured globally via /etc/sbuild/sbuild.conf and on a per-user basis using ~/.sbuildrc. These files allow customization of default chroots, build options, and other behaviors.

CHROOT SETUP

While sbuild orchestrates the build, the underlying chroot environments must be prepared separately. This typically involves using debootstrap to create a minimal Debian system and then configuring it as an schroot session.

HISTORY

sbuild originated within the Debian project to provide a robust and secure method for building official Debian packages. It was developed to overcome the limitations of building directly on a host system, which could lead to non-reproducible builds due to varied environments. Its reliance on schroot for managing isolated build environments has been a cornerstone of its design, enabling consistent and clean build processes critical for the Debian archive. It has evolved significantly over time, adapting to new build requirements and chroot management practices.

SEE ALSO

dpkg-buildpackage(1), debuild(1), schroot(1), debootstrap(8), pbuilder(1)

Copied to clipboard